Re: [Idr] FW: New Version Notification for draft-ietf-idr-bgp-open-policy-22.txt
Jeffrey Haas <jhaas@pfrc.org> Tue, 15 February 2022 14:48 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF1DC3A0D1B; Tue, 15 Feb 2022 06:48:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gcs_4jjQVezm; Tue, 15 Feb 2022 06:48:40 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id A1C8B3A0D0B; Tue, 15 Feb 2022 06:48:40 -0800 (PST)
Received: by slice.pfrc.org (Postfix, from userid 1001) id B24F91E341; Tue, 15 Feb 2022 09:48:39 -0500 (EST)
Date: Tue, 15 Feb 2022 09:48:39 -0500
From: Jeffrey Haas <jhaas@pfrc.org>
To: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
Cc: "bruno.decraene@orange.com" <bruno.decraene@orange.com>, "idr@ietf.org" <idr@ietf.org>, "Alvaro Retana (aretana)" <aretana@cisco.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, Susan Hares <shares@ndzh.com>, Alexander Azimov <a.e.azimov@gmail.com>
Message-ID: <20220215144839.GL15589@pfrc.org>
References: <164450039103.18823.6537348944134332594@ietfa.amsl.com> <SA1PR09MB81425A2C93A8B01D69ECF4C0842F9@SA1PR09MB8142.namprd09.prod.outlook.com> <20220210141346.GA28463@pfrc.org> <SA1PR09MB8142F6BCFCA2FAC557CE1F4E842F9@SA1PR09MB8142.namprd09.prod.outlook.com> <20220210160935.GD28463@pfrc.org> <SA1PR09MB814282B289F4061F72EBC356842F9@SA1PR09MB8142.namprd09.prod.outlook.com> <14670_1644570888_62062908_14670_192_1_f1ffc8e0bc5d417cbe88d57935bf4506@orange.com> <20220211145238.GH28463@pfrc.org> <SA1PR09MB8142DCF7B9B8982F5BBEE18084339@SA1PR09MB8142.namprd09.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <SA1PR09MB8142DCF7B9B8982F5BBEE18084339@SA1PR09MB8142.namprd09.prod.outlook.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/hYq5N3JD27BMvBCojzPUar-2MTw>
Subject: Re: [Idr] FW: New Version Notification for draft-ietf-idr-bgp-open-policy-22.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2022 14:48:43 -0000
Sriram, In a side conversation, Bruno points out RFC 7606 sense of malformed with targeted actions is appropriate. So, I withdraw my comment about not calling these malformed. Updated proposal follows: On Mon, Feb 14, 2022 at 09:02:42PM +0000, Sriram, Kotikalapudi (Fed) wrote: > > OLD: If an eBGP speaker receives an UPDATE with an OTC Attribute with a > > > > length different from 4 octets, then the UPDATE SHALL be considered > > > > malformed. If malformed, the UPDATE message SHALL be handled using > > > > the approach of treat-as-withdraw [RFC7606<https://datatracker.ietf.org/doc/html/rfc7606><http://rfc7606%3Chttps//datatracker.ietf.org/doc/html/rfc7606%3E>]6>]. > > > > > > > > If an UPDATE with an OTC Attribute is received in iBGP, then the > > > > Attribute or UPDATE SHALL NOT be considered malformed based on the > > > > specified length. This avoids treat-as-withdraw error handling and > > > > prevents the possibility of long-lived forwarding loops in iBGP > > > > (Section 6 in [RFC7606]<https://datatracker.ietf.org/doc/html/rfc7606#section-6><http://rfc7606]%3Chttps//datatracker.ietf.org/doc/html/rfc7606>)6>). It also avoids Attribute-discard error > > > > handling [RFC7606<https://datatracker.ietf.org/doc/html/rfc7606><http://rfc7606%3Chttps//datatracker.ietf.org/doc/html/rfc7606%3E>] and hence route leak detection capability is not > > > > compromised in case the route is propagated to eBGP neighbors. > > > > NEW: <null> NEW: An OTC Attribute with a length that is not 4 octets SHALL be considered malformed. An UPDATE message with a malformed OTC Attribute received from an eBGP peer MUST be handled using the approach of "treat-as-withdraw". When an UPDATE message with a malformed OTC Attribute is received from an iBGP peer, the OTC message's value field SHOULD be ignored and considered invalid. Applying "treat-as-withdraw" behaviors to routes received via iBGP may lead to forwarding loops. ([RFC 7606], Section 6.) Retaining the malformed OTC Attribute with an invalid value permits an adjacent AS to prevent route leaks. > > > > OLD: > > > > 2. If a route with the OTC Attribute is received from a Peer (i.e., > > > > remote AS with a Peer Role) and the Attribute has a value that is > > > > not equal to the remote (i.e., Peer's) AS number, then it is a > > > > route leak and MUST be considered ineligible. > > > > > > NEW: > > > > 2. If a route with the OTC Attribute is received from a Peer (i.e., > > > > remote AS with a Peer Role) and the Attribute has a value that is > > > > not equal to the remote (i.e., Peer's) AS number (including when the attribute value is not 4 octets), then it is a > > > > route leak and MUST be considered ineligible. > > 2. If a route with the OTC Attribute is received from a Peer (i.e., > remote AS with a Peer Role) and the Attribute has a value that is > not equal to the remote (i.e., Peer's) AS number, or the value is invalid, > then it is a route leak and MUST be considered ineligible.
- [Idr] FW: New Version Notification for draft-ietf… Sriram, Kotikalapudi (Fed)
- Re: [Idr] FW: New Version Notification for draft-… Jeffrey Haas
- Re: [Idr] FW: New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Idr] FW: New Version Notification for draft-… Jeffrey Haas
- Re: [Idr] FW: New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Idr] FW: New Version Notification for draft-… bruno.decraene
- Re: [Idr] FW: New Version Notification for draft-… Jeffrey Haas
- Re: [Idr] FW: New Version Notification for draft-… Jeffrey Haas
- Re: [Idr] FW: New Version Notification for draft-… bruno.decraene
- Re: [Idr] FW: New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Idr] FW: New Version Notification for draft-… Jeffrey Haas
- Re: [Idr] FW: New Version Notification for draft-… Alexander Azimov
- Re: [Idr] FW: New Version Notification for draft-… bruno.decraene
- Re: [Idr] FW: New Version Notification for draft-… Sriram, Kotikalapudi (Fed)